Online fraud warning for Lloyds and Halifax customers

Customers of Lloyds TSB, Halifax and Bank of Scotland who bank online may be
targeted by fraudsters in a new series of "phishing" scams as a
result of the banks' merger, the owner of the new "super bank" has
warned.

Customers of Lloyds TSB, Halifax and Bank of Scotland who bank online may be targeted by fraudsters Photo: GETTY

Phishing scams involve fraudsters sending emails to as many addresses as they can. The emails usually purport to come from one of the major banks or building societies and ask customers – usually on the pretext of a "system upgrade" or "security check" – to confirm their login information by clicking on a link to a website.

These websites are convincing copies of the banks' actual sites, so many customers are fooled into following the instructions and typing in their passwords and security details, giving the fraudsters behind the websites all the information they need to log in to the accounts and steal the money in them.

Although many people are now aware of phishing and know that they should never click on the links, Lloyds Banking Group, the new owner of Lloyds, Halifax and Bank of Scotland, fears that the change of ownership will provide fraudsters with an ideal pretext for requesting security information and that customers may let their guard down as a result.

"Fraudsters are opportunists who are always on the hunt for new ways to dupe customers," said Rob Devey of Lloyds. "It should come as no surprise that the creation of Lloyds Banking Group may trigger another spate of phishing attacks."

Any emails purporting to come from Lloyds Banking Group would be bogus, the company said. "Lloyds Banking Group is the company holding name and will never be used as a customer-facing brand so customers can be sure that if they receive an email claiming to be from Lloyds Banking Group it will be fraudulent."

Related Articles

Even emails from one of the genuine banking brands would never ask for sensitive information.

"Brands under the Lloyds Banking Group banner such as Lloyds TSB, Halifax and Bank of Scotland never send emails asking customers for their personal security details," said Mr Devey. "So any email a customer receives which requests information such as passwords is fake, no matter how genuine it appears to be.

"The simple rule is that customers should never respond to any emails asking for security details."

The company added that although rising public awareness and new anti-fraud technology had started to reduce the impact of online banking fraud, phishing scams were still common. More than 20,000 fraudulent phishing websites were set up in the first half of 2008 – an increase of more than 180 per cent from the same period in the previous year, it said.

Phishing is only one of many threats to those who bank online. The bank has produced the following advice to ensure that customers keep their accounts secure.

Choose "strong" passwords that include a mix of letters and numbers, and change them regularly.

Try not to use internet banking in a public place such as an internet café.

If you do use internet banking in a public place, always log off before you leave and don't leave the computer unattended.

Check your accounts regularly to see if any suspicious transactions have taken place – get in touch with your bank straight away if you do notice anything suspicious.

Install antivirus software and firewalls on your computer to protect against attack from fraudsters and keep your computer updated with the latest security "patches" that companies such as Microsoft issue from time to time.

Don't download software unless you're sure of the source and be wary of suspicious emails that could be from fraudsters.